
Untitled

a guest
Oct 31st, 2014
  1. '''
  2. This is free and unencumbered software released into the public domain by sku.
  3.  
  4. Anyone is free to copy, modify, publish, use, compile, sell, or
  5. distribute this software, either in source code form or as a compiled
  6. binary, for any purpose, commercial or non-commercial, and by any
  7. means.
  8.  
  9. In jurisdictions that recognize copyright laws, the author or authors
  10. of this software dedicate any and all copyright interest in the
  11. software to the public domain. We make this dedication for the benefit
  12. of the public at large and to the detriment of our heirs and
  13. successors. We intend this dedication to be an overt act of
  14. relinquishment in perpetuity of all present and future rights to this
  15. software under copyright law.
  16.  
  17. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  18. EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  19. MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
  20. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
  21. OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
  22. ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
  23. OTHER DEALINGS IN THE SOFTWARE.
  24.  
  25. For more information, please refer to <http://unlicense.org/>
  26. '''
  27.  
  28. import idaapi
  29. import idautils
  30. import idc
  31.  
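def offset(name, pattern, offs=0, nth=0, start=idc.MinEA(), end=idc.MaxEA()):
    """Print one enum entry for the nth match of a byte pattern.

    name    -- identifier printed on the left-hand side of the entry.
    pattern -- space-separated hex bytes for idaapi.find_binary; '?' is a
               wildcard byte.
    offs    -- value added to the match address before it is printed.
    nth     -- zero-based index of the match to report (0 = first match).
    start   -- address the search begins at.
    end     -- address the search stops at.

    The start/end defaults are evaluated once, when this def statement runs.

    On success a tab-indented '<name> = 0x<ADDR>,' line is printed. When the
    pattern has fewer than nth + 1 matches, a '//' comment line is printed
    instead, so a stale signature cannot put a BADADDR-derived value into the
    generated list.

    Raises ValueError if nth is negative.
    """
    if nth < 0:
        raise ValueError('nth must be >= 0')

    cursor = start
    for index in range(nth + 1):
        # 16 is the radix of the byte values in the pattern string.
        address = idaapi.find_binary(cursor, end, pattern, 16, idc.SEARCH_DOWN)
        if address == idaapi.BADADDR:
            # find_binary returns BADADDR when nothing matches; report it
            # rather than printing BADADDR + offs as if it were an offset.
            print('\t// %s: pattern not found (match index %d)' % (name, index))
            return
        # Resume one byte past this hit so the next search finds the next match.
        cursor = address + 1

    # Single parenthesised argument: behaves the same as the print statement
    # used elsewhere in this script.
    print('\t%s = 0x%X,' % (name, address + offs))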
  38.  
# The database's lowest address selects which signature set is scanned:
# 0x400000 is reported as x86 and 0x140000000 as x64.
# Each entry is (enum name, byte pattern, zero-based match index).
# NOTE(review): the names are emitted verbatim; 'kConsoleregister' differs in
# case from the 'kConsoleRegister' spelling in the "Old values" listing at the
# end of this file -- confirm which spelling the consuming enum expects.
signature_sets = {
    0x400000: ('\t// x86', (
        ('kTerrainClick', '55 8b ec 83 ec 0c 53 8b 1d ? ? ? ? 57 33 ff', 0),
        ('kGetGuidByKeyword', '55 8b ec 51 51 56 e8 ? ? ? ? 89 45 fc', 0),
        ('kConsoleregister', '55 8b ec 53 8b 5d 08 53 e8 ? ? ? ? 59 83 f8 40', 0),
        ('kExecuteLua', '55 8b ec 51 ff 05 ? ? ? ? a1 ? ? ? ? 53 56 57', 0),
        ('kClntObjMgrObjectPtr', '55 8b ec 83 3d ? ? ? ? 00 74 1d', 0),
        ('kGetUnitPosition', '55 8b ec 8b 89 ? 00 00 00 8d 41 10 50', 0),
        ('kPointerCheck', '72 05 39 4d 08 72 21', 0),
    )),
    0x140000000: ('\t// x64', (
        ('kTerrainClick', '40 53 ? 41 ? 48 83 ec 50 48 8b 1d ? ? ? ? 48 8b ?', 0),
        ('kGetGuidByKeyword', '48 89 5c 24 18 48 89 7c 24 20 48 89 4c 24 08', 0),
        # Second match (nth=1) is the one reported for this pattern.
        ('kConsoleregister', '48 89 5c 24 10 48 89 6c 24 18 57 41 54 41 55 48 83 ec 20', 1),
        ('kExecuteLua', '48 89 5c 24 08 48 89 6c 24 10 48 89 74 24 18 57 41 54 41 55 48 83 ec 20 ff 05 ? ? ? ?', 0),
        ('kClntObjMgrObjectPtr', '48 83 ec 28 48 83 3d ? ? ? ? ? 44 8b ? 75 07 33 c0', 0),
        ('kGetUnitPosition', '40 53 48 83 ec 20 48 8b 89 ? ? ? ? 48 8b da', 0),
        ('kPointerCheck', '72 05 48 3b d8 72 22', 0),
    )),
}

selected = signature_sets.get(idc.MinEA())
if selected is None:
    print('Unknown architecture?!')
else:
    banner, signatures = selected
    print(banner)
    for sig_name, sig_pattern, sig_nth in signatures:
        offset(sig_name, sig_pattern, nth=sig_nth)
  59.    
  60. '''
  61. Old values:
  62.  
  63. // WoW offsets, not rebased. Makes it easier to
  64. // cross-reference stuff in IDA Pro.
  65. // WoW version: 17538
  66. enum : DWORD_PTR
  67. {
  68. #if defined(_M_IX86)
  69.     kTerrainClick        = 0x00780D00, // 0x00783504, // 0x00783490,
  70.     kGetGuidByKeyword    = 0x00892DDF, // 0x00895852, // 0x008957F7,
  71.     kConsoleRegister     = 0x00448018, // 0x0044848D, // 0x0044849D,
  72.     kExecuteLua          = 0x0044F9EC, // 0x0044FE8C, // 0x0044FEDA,
  73.     kClntObjMgrObjectPtr = 0x00790CDD, // 0x007934C7, // 0x00793453,
  74.     kGetUnitPosition     = 0x007B2FE4, // 0x007B5B02, // 0x007B5A8A,
  75.     kPointerCheck        = 0x0050C04D, // 0x0050BF4A, // 0x0050BF57
  76. #elif defined(_M_X64)
  77.     kTerrainClick        = 0x0000000140585D20, // 0x000000014058B740,
  78.     kGetGuidByKeyword    = 0x0000000140744E60, // 0x000000014074A5F0,
  79.     kConsoleRegister     = 0x00000001400780E0, // 0x0000000140078990,
  80.     kExecuteLua          = 0x0000000140084C90, // 0x0000000140085490,
  81.     kClntObjMgrObjectPtr = 0x000000014059EC70, // 0x00000001405A4B40,
  82.     kGetUnitPosition     = 0x00000001405D9010, // 0x00000001405DF250,
  83.     kPointerCheck        = 0x00000001401AA4D7, // 0x00000001401AA957,
  84. #endif
  85. };
  86. '''